<?php
include "config.php";

$tbl_name = "users";

// username and password sent from form 
$username=$_POST['username']; 
$password=$_POST['password'];
// To protect MySQL injection
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);

$sql="SELECT * FROM $tbl_name WHERE username='$username' and password='$password'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and $name to SESSION vars and redirect to file "welcome.php"
while($row = mysql_fetch_array($result)){
	$name=$row[name];
}
session_start();
//session_register("username");
$_SESSION['username']=$username;

//session_register("password"); 
$_SESSION['password']=$password;

//session_register("name");
$_SESSION['name']=$name;
//echo "Your login was successful, " . $_SESSION['name'];
header("location:welcome.php");
}
else {
	echo "<center><font color='red'><ul><li>Your username or password was incorrect.</li></ul></font></center>";
}
?>

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Radiollaboration - Login</title>
</head>
<body>
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<center><img src="http://www.thaimedicalnews.com/wp-content/uploads/cleveland_clinic_logo.gif"></center>
<tr>
<form name="form1" method="post" action="checklogin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><center><strong>Radiollaboration Login</strong></center></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="username" type="text" id="username"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="password" type="password" id="password"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
</body>
</html>

